148 matches found
CVE-2025-9239
A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STRPARAM with the input Passw0rd...
CVE-2025-9241
A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited...
CVE-2025-9241
A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited...
CVE-2025-9241 elunez eladmin exportUser csv injection
A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited...
CVE-2025-9241 elunez eladmin exportUser csv injection
A weakness has been identified in elunez eladmin up to 2.7. This affects the function exportUser. This manipulation causes csv injection. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited...
CVE-2025-9241
CVE-2025-9241 affects elunez eladmin up to version 2.7. The vulnerability resides in the exportUser function, which does not escape/export CSV content, enabling CSV injection. Exploitation can be remote and public exploits exist. Multiple connected sources corroborate the issue and identify the s...
CVE-2025-9240
A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been released to the public and may be exploited...
CVE-2025-9240
A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been released to the public and may be exploited...
CVE-2025-9240
The CVE concerns elunez eladmin up to 2.7, with a vulnerability in the /auth/info functionality that leads to information disclosure. Exploitation is remote and publicly released. A fix is available: upgrade to version 2.8 or later (documented across PT-2025-34145, CNNVD/EUVD/NVD entries). Eviden...
CVE-2025-9240 elunez eladmin info information disclosure
A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been released to the public and may be exploited...
CVE-2025-9240 elunez eladmin info information disclosure
A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some unknown functionality of the file /auth/info. The manipulation results in information disclosure. The attack can be launched remotely. The exploit has been released to the public and may be exploited...
CVE-2025-9239
A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STRPARAM with the input Passw0rd...
CVE-2025-9239
A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STRPARAM with the input Passw0rd...
CVE-2025-9239 elunez eladmin DES Key EncryptUtils.java EncryptUtils inadequate encryption
A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STRPARAM with the input Passw0rd...
CVE-2025-9239
The CVE-2025-9239 vulnerability affects elunez eladmin up to version 2.7, specifically the EncryptUtils class in the DES Key Handler (eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java). Manipulating the STR PARAM input (example: Passw0rd) results in inadequate encryption strength. ...
CVE-2025-9239 elunez eladmin DES Key EncryptUtils.java EncryptUtils inadequate encryption
A vulnerability was identified in elunez eladmin up to 2.7. Affected by this vulnerability is the function EncryptUtils of the file eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java of the component DES Key Handler. The manipulation of the argument STRPARAM with the input Passw0rd...
PT-2025-34151 · Unknown · Elunez Eladmin
Name of the Vulnerable Software and Affected Versions: elunez eladmin versions prior to 2.8 Description: A weakness has been identified in the exportUser function, which can lead to CSV injection. The attack can be initiated remotely and the exploit has been made publicly available...
PT-2025-34143 · Elunez · Elunez Eladmin
Name of the Vulnerable Software and Affected Versions: elunez eladmin versions prior to 2.8 Description: A vulnerability exists in the EncryptUtils function within the DES Key Handler component of elunez eladmin. Manipulation of the STR PARAM argument with the input Passw0rd results in inadequate...
PT-2025-34145 · Elunez · Eladmin
Name of the Vulnerable Software and Affected Versions: elunez eladmin versions prior to 2.8 Description: A security flaw has been discovered in elunez eladmin up to version 2.7. This issue affects an unknown functionality of the file /auth/info. Manipulation of this functionality results in...
ELADMIN 安全漏洞
ELADMIN is a backend management system for elunez individual developers. A security vulnerability exists in ELADMIN 2.7 and earlier versions, which stems from insufficient authentication of access to the /auth/info file, which can be exploited by remote attackers to disclose information...